procmgmt: config
+${COMPILE_PART1} procmgmt ${COMPILE_PART2}
-util: procmgmt des lwp_depinstall
+util: procmgmt lwp_depinstall
+${COMPILE_PART1} util ${COMPILE_PART2}
audit: util rx rxkad
#define USE_MS2MIT 1
#define USE_LEASH 1
+/* Prevent inclusion of des.h to avoid conflicts with des types */
+#define NO_DES_H_INCLUDE
+
#include "afskfw-int.h"
#include "afskfw.h"
#include <userenv.h>
#ifdef AFS_SUN5_ENV
#include <sys/ioccom.h>
#endif
+
+/* Prevent inclusion of des.h to avoid conflicts with des types */
+#define NO_DES_H_INCLUDE
+
#include <afs/auth.h>
#include <afs/cellconfig.h>
#include <afs/vice.h>
#include "afsincludes.h"
#include "afs/stds.h"
#include "afs/pthread_glock.h"
-#include "des/des.h"
-#include "des/des_prototypes.h"
#include "rx/rxkad.h"
#include "rx/rx.h"
#include "afs/cellconfig.h"
}
/* next create random session key, using key for seed to good random */
- des_init_random_number_generator(&key);
- code = des_random_key(&session);
+ des_init_random_number_generator(ktc_to_cblock(&key));
+ code = des_random_key(ktc_to_cblock(&session));
if (code) {
return QuickAuth(astr, aindex);
}
#include <netinet/in.h>
#include <netdb.h>
#include <string.h>
+#include <stdio.h>
#include <afs/stds.h>
#include <afs/afsutil.h>
printf("\nInput key mismatch\n");
exit(1);
}
- des_string_to_key(buf, &tkey);
+ des_string_to_key(buf, ktc_to_cblockptr(&tkey));
code = afsconf_AddKey(tdir, kvno, &tkey, 0);
if (code) {
printf("bos_util: failed to set key, code %d.\n", code);
#endif
extern int des_debug;
+static_inline unsigned char *
+cblockptr_to_cblock(des_cblock *key) {
+ return (unsigned char *)key;
+}
+
+static_inline unsigned char *
+charptr_to_cblock(char *key) {
+ return (unsigned char *)key;
+}
+
+static_inline des_cblock *
+charptr_to_cblockptr(char *key) {
+ return (unsigned char (*)[])key;
+}
+
/* cbc_encrypt.c */
extern afs_int32 des_cbc_encrypt(void * in, void * out,
register afs_int32 length,
}
/* fix key parity */
- des_fixup_key_parity(key);
+ des_fixup_key_parity(cblockptr_to_cblock(key));
/* Now one-way encrypt it with the folded key */
- (void)des_key_sched(key, key_sked);
- (void)des_cbc_cksum((des_cblock *) in_str, key, length, key_sked, key);
+ des_key_sched(cblockptr_to_cblock(key), key_sked);
+ des_cbc_cksum(charptr_to_cblockptr(in_str), key, length, key_sked, key);
/* erase key_sked */
memset((char *)key_sked, 0, sizeof(key_sked));
/* now fix up key parity again */
- des_fixup_key_parity(key);
+ des_fixup_key_parity(cblockptr_to_cblock(key));
if (des_debug)
fprintf(stdout, "\nResulting string_to_key = 0x%x 0x%x\n",
#include <stdio.h>
#include <rx/rx.h>
+#include <rx/rxkad.h>
#include <lock.h>
#define UBIK_LEGACY_CALLITER 1
#include <ubik.h>
ka_PrintBytes((char *)&key, sizeof(key));
printf("'.\n");
- des_string_to_key(as->parms[0].items->data, &key);
+ des_string_to_key(as->parms[0].items->data, ktc_to_cblockptr(&key));
printf("Converting %s with the DES string to key yields key='",
as->parms[0].items->data);
ka_GetAdminToken(name, instance, cell, &key, KA_SIXHOURS,
&token, 0 /* !new */ );
if (code == KABADREQUEST) {
- des_string_to_key(passwd, &key);
+ des_string_to_key(passwd, ktc_to_cblockptr(&key));
code =
ka_GetAdminToken(name, instance, cell, &key, KA_SIXHOURS,
&token, 0 /* !new */ );
#include "afs_usrops.h"
#include "afs/stds.h"
#include "afs/pthread_glock.h"
+#include "des.h"
+#include "des_prototypes.h"
#include "rx/rxkad.h"
#include "afs/cellconfig.h"
#include "ubik.h"
#include "afs/auth.h"
-#include "des/des.h"
#include "afs/afsutil.h"
#include "afs/kauth.h"
#include <netinet/in.h>
#endif
#include <string.h>
+#include <stdio.h>
+#include <des.h>
+#include <des_prototypes.h>
#include <rx/rxkad.h>
#include <afs/cellconfig.h>
#include <ubik.h>
#include <afs/auth.h>
-#include <des.h>
#include <afs/afsutil.h>
#include "kauth.h"
#include "kautils.h"
int version;
LOCK_GLOBAL_MUTEX;
- if ((code = des_key_sched(key, schedule))) {
+ if ((code = des_key_sched(ktc_to_cblock(key), schedule))) {
UNLOCK_GLOBAL_MUTEX;
return KABADKEY;
}
arequest.SeqLen = sizeof(request);
arequest.SeqBody = (char *)&request;
des_pcbc_encrypt(arequest.SeqBody, arequest.SeqBody, arequest.SeqLen,
- schedule, key, ENCRYPT);
+ schedule, ktc_to_cblockptr(key), ENCRYPT);
oanswer.MaxSeqLen = sizeof(answer);
oanswer.SeqLen = 0;
return KAUBIKCALL;
}
des_pcbc_encrypt(oanswer.SeqBody, oanswer.SeqBody, oanswer.SeqLen,
- schedule, key, DECRYPT);
+ schedule, ktc_to_cblockptr(key), DECRYPT);
switch (version) {
case 1:
aticket.SeqLen = auth_token->ticketLen;
aticket.SeqBody = auth_token->ticket;
- code = des_key_sched(&auth_token->sessionKey, schedule);
+ code = des_key_sched(ktc_to_cblock(&auth_token->sessionKey), schedule);
if (code) {
UNLOCK_GLOBAL_MUTEX;
return KABADKEY;
}
des_pcbc_encrypt(oanswer.SeqBody, oanswer.SeqBody, oanswer.SeqLen,
- schedule, &auth_token->sessionKey, DECRYPT);
+ schedule, ktc_to_cblockptr(&auth_token->sessionKey), DECRYPT);
switch (version) {
case 1:
#include "afs/kautils.h"
#include "afs/pthread_glock.h"
#include "des/des.h"
-#include <des_prototypes.h>
+#include "des/des_prototypes.h"
#else /* defined(UKERNEL) */
#include <afs/stds.h>
#include <afs/cellconfig.h>
#include <afs/auth.h>
#include <afs/afsutil.h>
+#include <des.h>
+#include <des_prototypes.h>
#include "kauth.h"
#include "kautils.h"
#endif /* defined(UKERNEL) */
keybytes[i] = (unsigned char)(temp << 1);
}
}
- des_fixup_key_parity(key);
+ des_fixup_key_parity(ktc_to_cblock(key));
}
static void
struct ktc_encryptionKey *key)
{
des_key_schedule schedule;
- char temp_key[8];
+ unsigned char temp_key[8];
char ivec[8];
char password[BUFSIZ];
int passlen;
memcpy(temp_key, "kerberos", 8);
des_fixup_key_parity(temp_key);
des_key_sched(temp_key, schedule);
- des_cbc_cksum(password, ivec, passlen, schedule, ivec);
+ des_cbc_cksum(charptr_to_cblockptr(password), charptr_to_cblockptr(ivec), passlen, schedule, charptr_to_cblockptr(ivec));
memcpy(temp_key, ivec, 8);
des_fixup_key_parity(temp_key);
des_key_sched(temp_key, schedule);
- des_cbc_cksum(password, key, passlen, schedule, ivec);
+ des_cbc_cksum(charptr_to_cblockptr(password), ktc_to_cblockptr(key), passlen, schedule, charptr_to_cblockptr(ivec));
- des_fixup_key_parity(key);
+ des_fixup_key_parity(ktc_to_cblock(key));
}
void
#include <lock.h>
#include <ubik.h>
#include <lwp.h>
+#include <des.h>
+#include <des_prototypes.h>
#include <rx/xdr.h>
#include <rx/rx.h>
#include <rx/rxkad.h>
#include <netinet/in.h>
#endif
#include <string.h>
-#include <des.h>
-#include <des_prototypes.h>
#include <afs/cellconfig.h>
#include <afs/auth.h>
#include <afs/com_err.h>
if (to) { /* check if auto cpw is disabled */
if (!(ntohl(tentry.flags) & KAFNOCPW)) {
memcpy(&key, &random_value[0], sizeof(key));
- des_fixup_key_parity(&key);
+ des_fixup_key_parity(ktc_to_cblock(&key));
code =
set_password(tt, KA_ADMIN_NAME, KA_ADMIN_INST, &key, 0,
0);
if (code == 0) {
- des_init_random_number_generator(&key);
+ des_init_random_number_generator(ktc_to_cblock(&key));
ka_ConvertBytes(buf, sizeof(buf), (char *)&key,
sizeof(key));
es_Report("New Admin key is %s\n", buf);
if (to) { /* check if auto cpw is disabled */
if (!(ntohl(tentry.flags) & KAFNOCPW)) {
memcpy(&key, &random_value[2], sizeof(key));
- des_fixup_key_parity(&key);
+ des_fixup_key_parity(ktc_to_cblock(&key));
code = set_password(tt, KA_TGS_NAME, lrealm, &key, 0, 0);
if (code == 0) {
ka_ConvertBytes(buf, sizeof(buf), (char *)&key,
int code;
gettimeofday((struct timeval *)&key, 0); /* this is just a cheap seed key */
- des_fixup_key_parity(&key);
- des_init_random_number_generator(&key);
- if ((code = des_random_key(&key))
+ des_fixup_key_parity(ktc_to_cblock(&key));
+ des_init_random_number_generator(ktc_to_cblock(&key));
+ if ((code = des_random_key(ktc_to_cblock(&key)))
|| (code =
create_user(tt, KA_ADMIN_NAME, KA_ADMIN_INST, &key, 0,
KAFNORMAL | KAFNOSEAL | KAFNOTGS)))
return code;
- if ((code = des_random_key(&key))
+ if ((code = des_random_key(ktc_to_cblock(&key)))
|| (code =
create_user(tt, KA_TGS_NAME, lrealm, &key, 0,
KAFNORMAL | KAFNOSEAL | KAFNOTGS)))
code);
return code;
}
- des_init_random_number_generator(&key);
+ des_init_random_number_generator(ktc_to_cblock(&key));
code = ubik_EndTrans(tt);
if (code) {
afs_int32 caller; /* Disk offset of caller's entry */
COUNT_REQ(CreateUser);
- if (!des_check_key_parity(&ainitpw) || des_is_weak_key(&ainitpw))
+ if (!des_check_key_parity(EncryptionKey_to_cblock(&ainitpw)) || des_is_weak_key(EncryptionKey_to_cblock(&ainitpw)))
return KABADKEY;
if (!name_instance_legal(aname, ainstance))
return KABADNAME;
ubik_AbortTrans(tt);
return code;
}
- code = create_user(tt, aname, ainstance, &ainitpw, caller, KAFNORMAL);
+ code = create_user(tt, aname, ainstance, EncryptionKey_to_ktc(&ainitpw), caller, KAFNORMAL);
if (code) {
COUNT_ABO;
ubik_AbortTrans(tt);
}
/* decrypt request w/ user password */
- if ((code = des_key_sched(&tentry.key, user_schedule)))
+ if ((code = des_key_sched(ktc_to_cblock(&tentry.key), user_schedule)))
es_Report("In KAChangePassword: key_sched returned %d\n", code);
des_pcbc_encrypt(arequest->SeqBody, &request,
min(arequest->SeqLen, sizeof(request)), user_schedule,
- &tentry.key, DECRYPT);
+ ktc_to_cblockptr(&tentry.key), DECRYPT);
/* validate the request */
request_time = ntohl(request.time); /* reorder date */
/* check to see if the new password was used before, or if there has
* not been sufficient time since the last password change
*/
- code = impose_reuse_limits(&request.newpw, &tentry);
+ code = impose_reuse_limits(ktc_to_EncryptionKey(&request.newpw), &tentry);
if (code) {
goto abort;
}
memcpy(answer, KA_CPW_ANS_LABEL, KA_LABELSIZE);
des_pcbc_encrypt(oanswer->SeqBody, oanswer->SeqBody, answer_len,
- user_schedule, &tentry.key, ENCRYPT);
+ user_schedule, ktc_to_cblockptr(&tentry.key), ENCRYPT);
code = set_password(tt, aname, ainstance, &request.newpw, kvno, 0);
if (code) {
COUNT_REQ(SetPassword);
if (akvno > MAXKAKVNO)
return KABADARGUMENT;
- if (!des_check_key_parity(&apassword) || des_is_weak_key(&apassword))
+ if (!des_check_key_parity(EncryptionKey_to_cblock(&apassword)) || des_is_weak_key(EncryptionKey_to_cblock(&apassword)))
return KABADKEY;
if (!name_instance_legal(aname, ainstance))
if (code) {
goto abort;
}
- if ((code = karead(tt, caller, &tentry, sizeof(tentry)))) {
+ if ((code = karead(tt, caller, (char *)&tentry, sizeof(tentry)))) {
code = KAIO;
goto abort;
}
code = impose_reuse_limits(&apassword, &tentry);
if (!code)
code =
- set_password(tt, aname, ainstance, &apassword, akvno, 0);
+ set_password(tt, aname, ainstance, EncryptionKey_to_ktc(&apassword), akvno, 0);
}
} else if (ntohl(tentry.flags) & KAFADMIN) {
- code = set_password(tt, aname, ainstance, &apassword, akvno, caller);
+ code = set_password(tt, aname, ainstance, EncryptionKey_to_ktc(&apassword), akvno, caller);
} else
code = KANOAUTH;
if (code)
save_principal(authPrincipal, aname, ainstance, 0);
/* decrypt request w/ user password */
- if ((code = des_key_sched(&tentry.key, user_schedule)))
+ if ((code = des_key_sched(ktc_to_cblock(&tentry.key), user_schedule)))
es_Report("In KAAuthenticate: key_sched returned %d\n", code);
des_pcbc_encrypt(arequest->SeqBody, &request,
min(arequest->SeqLen, sizeof(request)), user_schedule,
- &tentry.key, DECRYPT);
+ ktc_to_cblockptr(&tentry.key), DECRYPT);
request.time = ntohl(request.time); /* reorder date */
tgt = !strncmp(request.label, KA_GETTGT_REQ_LABEL, sizeof(request.label));
tgskvno = ntohl(server.key_version);
memcpy(&tgskey, &server.key, sizeof(tgskey));
- code = des_random_key(&sessionKey);
+ code = des_random_key(ktc_to_cblock(&sessionKey));
if (code) {
code = KANOKEYS;
goto abort;
goto abort;
}
des_pcbc_encrypt(oanswer->SeqBody, oanswer->SeqBody, oanswer->SeqLen,
- user_schedule, &tentry.key, ENCRYPT);
+ user_schedule, ktc_to_cblockptr(&tentry.key), ENCRYPT);
code = ubik_EndTrans(tt);
KALOG(aname, ainstance, sname, sinst, NULL, call->conn->peer->host,
LOG_AUTHENTICATE);
code = KANOENT;
goto abort;
} else {
- if ((code = karead(tt, callerIndex, &caller, sizeof(caller)))) {
+ if ((code = karead(tt, callerIndex, (char *)&caller, sizeof(caller)))) {
code = KAIO;
goto abort;
}
/* Now get entry of user who last modified this entry */
if (ntohl(tentry.modification_id)) {
temp = ntohl(tentry.modification_id);
- code = karead(tt, temp, &tentry, sizeof(tentry));
+ code = karead(tt, temp, (char *)&tentry, sizeof(tentry));
if (code) {
code = KAIO;
goto abort;
code = KANOAUTH;
goto abort;
}
- code = des_key_sched(&authSessionKey, schedule);
+ code = des_key_sched(ktc_to_cblock(&authSessionKey), schedule);
if (code) {
code = KANOAUTH;
goto abort;
}
save_principal(tgsServerPrincipal, sname, sinstance, 0);
- code = des_random_key(&sessionKey);
+ code = des_random_key(ktc_to_cblock(&sessionKey));
if (code) {
code = KANOKEYS;
goto abort;
goto abort;
}
des_pcbc_encrypt(oanswer->SeqBody, oanswer->SeqBody, oanswer->SeqLen,
- schedule, &authSessionKey, ENCRYPT);
+ schedule, ktc_to_cblockptr(&authSessionKey), ENCRYPT);
code = ubik_EndTrans(tt);
KALOG(name, instance, sname, sinstance, (import ? authDomain : NULL),
call->conn->peer->host, LOG_GETTICKET);
COUNT_REQ(GetRandomKey);
if ((code = AwaitInitialization()))
return code;
- code = des_random_key(key);
+ code = des_random_key(EncryptionKey_to_cblock(key));
if (code)
return KANOKEYS;
return 0;
goto abort;
if (!noAuthenticationRequired && callerIndex) {
- if (karead(tt, callerIndex, &caller, sizeof(caller))) {
+ if (karead(tt, callerIndex, (char *)&caller, sizeof(caller))) {
code = KAIO;
goto abort;
}
struct ktc_encryptionKey *key);
extern int name_instance_legal(char *name, char *instance);
+
+static inline unsigned char *
+EncryptionKey_to_cblock(EncryptionKey *key) {
+ return (unsigned char *)key;
+}
+
+static inline struct ktc_encryptionKey *
+EncryptionKey_to_ktc(EncryptionKey *key) {
+ return (struct ktc_encryptionKey *)key;
+}
+
+static inline EncryptionKey *
+ktc_to_EncryptionKey(struct ktc_encryptionKey *key) {
+ return (EncryptionKey *)key;
+}
ka_KeyCheckSum(char *key, afs_uint32 * cksumP)
{
des_key_schedule s;
- char block[8];
+ unsigned char block[8];
afs_uint32 cksum;
afs_int32 code;
*cksumP = 0;
memset(block, 0, 8);
- code = des_key_sched(key, s);
+ code = des_key_sched(charptr_to_cblock(key), s);
if (code)
return KABADKEY;
des_ecb_encrypt(block, block, s, ENCRYPT);
#endif
#include <string.h>
#include <signal.h>
+#include <des.h>
+#include <des_prototypes.h>
#include <afs/com_err.h>
#include <afs/auth.h>
#include <afs/cellconfig.h>
#include <afs/cmd.h>
-#include <des.h>
-#include <des_prototypes.h>
#include "kauth.h"
#include "kautils.h"
#include "kkids.h"
}
}
ka_StringToKey(passwd, realm, &key);
- des_string_to_key(passwd, &mitkey);
+ des_string_to_key(passwd, ktc_to_cblockptr(&mitkey));
give_to_child(passwd);
/* Get new password if it wasn't provided. */
npasswd[8] = 0; /* in case the password was exactly 8 chars long */
#endif
ka_StringToKey(npasswd, realm, &newkey);
- des_string_to_key(npasswd, &newmitkey);
+ des_string_to_key(npasswd, ktc_to_cblockptr(&newmitkey));
memset(npasswd, 0, sizeof(npasswd));
if (lexplicit)
#include <afs/com_err.h>
#include <lwp.h>
#include <des.h>
+#include <des_prototypes.h>
#include <rx/xdr.h>
#include <rx/rx.h>
#include <rx/rxkad.h>
#include <afs/auth.h>
-#include <des.h>
-#include <des_prototypes.h>
#include <ubik.h>
#include "kauth.h"
printf("\n");
}
- if ((code = des_key_sched(key, schedule)))
+ if ((code = des_key_sched(ktc_to_cblock(key), schedule)))
printf("In KAAuthenticate: key_sched returned %d\n", code);
- des_pcbc_encrypt(cipher, cipher, len, schedule, key, ENCRYPT);
+ des_pcbc_encrypt(cipher, cipher, len, schedule, ktc_to_cblockptr(key), ENCRYPT);
*cipherLen = round_up_to_ebs(len);
if (krb_udp_debug) {
afs_int32 time_sec;
int byteOrder = pkt->byteOrder;
- des_key_sched(key, schedule);
- des_pcbc_encrypt(auth, auth, authLen, schedule, key, DECRYPT);
+ des_key_sched(ktc_to_cblock(key), schedule);
+ des_pcbc_encrypt(auth, auth, authLen, schedule, ktc_to_cblockptr(key), DECRYPT);
packet = auth;
if (strcmp(packet, name) != 0)
return KABADTICKET;
}
/* make the ticket */
- code = des_random_key(&sessionKey);
+ code = des_random_key(ktc_to_cblock(&sessionKey));
if (code) {
code = KERB_ERR_NULL_KEY; /* was KANOKEYS */
goto abort;
if (ntohl(server.flags) & KAFNOSEAL)
return KABADSERVER;
- code = des_random_key(&sessionKey);
+ code = des_random_key(ktc_to_cblock(&sessionKey));
if (code) {
code = KERB_ERR_NULL_KEY; /* was KANOKEYS */
goto fail;
#include <mit-cpyright.h>
-#include <des.h>
#include <stdio.h>
+#include <des.h>
+#include <des_prototypes.h>
#ifdef BSDUNIX
#include <strings.h>
#include <sys/ioctl.h>
#include <afs/cmd.h>
#include <des.h>
#include <des_prototypes.h>
+#include <rx/rxkad.h>
#include <afs/com_err.h>
printf("Entry %d has zero length name\n", i);
continue;
}
- if (!des_check_key_parity(&entry.key)
- || des_is_weak_key(&entry.key)) {
+ if (!des_check_key_parity(ktc_to_cblock(&entry.key))
+ || des_is_weak_key(ktc_to_cblock(&entry.key))) {
fprintf(stderr, "Entry %d, %s, has bad key\n", i,
EntryName(&entry));
continue;
#include "afs/kautils.h"
#include "afs/afsutil.h"
#include "afs/ptuser.h"
-#include "des.h"
#else /* defined(UKERNEL) */
#include <afs/stds.h>
#include <signal.h>
#include <unistd.h>
#endif
#include <string.h>
+#include <stdio.h>
#include <afs/cellconfig.h>
#include <afs/auth.h>
#include <afs/ptint.h>
#include <afs/ptserver.h>
#include <afs/afsutil.h>
#include <afs/sys_prototypes.h>
+#include <des.h>
+#include <des_prototypes.h>
#include <rx/rx.h>
#include <rx/rx_globals.h>
#include <rx/rxkad.h> /* max ticket lifetime */
-#include <des.h>
-#include <des_prototypes.h>
#include "kauth.h"
#include "kautils.h"
#endif /* defined(UKERNEL) */
if (flags & KA_USERAUTH_ONLY_VERIFY) {
code = ka_VerifyUserToken(name, instance, realm, &key);
if (code == KABADREQUEST) {
- des_string_to_key(password, &key);
+ des_string_to_key(password, ktc_to_cblockptr(&key));
code = ka_VerifyUserToken(name, instance, realm, &key);
}
} else {
GetTickets(name, instance, realm, &key, lifetime,
password_expires, dosetpag);
if (code == KABADREQUEST) {
- des_string_to_key(password, &key);
+ des_string_to_key(password, ktc_to_cblockptr(&key));
code =
GetTickets(name, instance, realm, &key, lifetime,
password_expires, dosetpag);
#include "fcrypt.h"
#include "rx/rx.h"
+/* Don't include des.h where it can cause conflict with krb4 headers */
+#if !defined(NO_DES_H_INCLUDE)
+#include <des.h>
+#endif
+
/* domestic/crypt_conn.c */
extern afs_int32 rxkad_DecryptPacket(const struct rx_connection *conn,
const fc_KeySchedule * schedule,
/* ticket.c */
extern int tkt_DecodeTicket(char *asecret, afs_int32 ticketLen,
struct ktc_encryptionKey *key, char *name,
- char *inst, char *cell, char *sessionKey,
+ char *inst, char *cell, struct ktc_encryptionKey *sessionKey,
afs_int32 * host, afs_int32 * start,
afs_int32 * end);
extern int tkt_MakeTicket(char *ticket, int *ticketLen,
/* ticket5.c */
extern int tkt_DecodeTicket5(char *ticket, afs_int32 ticket_len,
- int (*get_key) (char *, int,
+ int (*get_key) (void *, int,
struct ktc_encryptionKey *),
char *get_key_rock, int serv_kvno, char *name,
- char *inst, char *cell, char *session_key,
+ char *inst, char *cell, struct ktc_encryptionKey *session_key,
afs_int32 * host, afs_int32 * start,
afs_int32 * end, afs_int32 disableDotCheck);
+#if !defined(NO_DES_H_INCLUDE)
+static_inline unsigned char *
+ktc_to_cblock(struct ktc_encryptionKey *key) {
+ return (unsigned char *)key;
+}
+
+static_inline des_cblock *
+ktc_to_cblockptr(struct ktc_encryptionKey *key) {
+ return (des_cblock *)key;
+}
+#endif
+
+
#endif
#include <afs/param.h>
#endif
+#include <stdio.h>
#if defined(UKERNEL)
#include "afs/sysincludes.h"
#include "afs/stds.h"
#include "rx/xdr.h"
#include "rx/rx.h"
-#include "des/des.h"
#include "rxkad/lifetimes.h"
+#include "des.h"
+#include "des/des_prototypes.h"
#include "rx/rxkad.h"
#else /* defined(UKERNEL) */
#include <afs/stds.h>
#include <netinet/in.h>
#endif
#include <string.h>
+#include <des.h>
+#include <des_prototypes.h>
#include <rx/xdr.h>
#include <rx/rx.h>
-#include <des.h>
#include "lifetimes.h"
#include "rxkad.h"
#endif /* defined(UKERNEL) */
int
tkt_DecodeTicket(char *asecret, afs_int32 ticketLen,
struct ktc_encryptionKey *key, char *name, char *inst,
- char *cell, char *sessionKey, afs_int32 * host,
+ char *cell, struct ktc_encryptionKey *sessionKey, afs_int32 * host,
afs_int32 * start, afs_int32 * end)
{
char clear_ticket[MAXKTCTICKETLEN];
((ticketLen) % 8 != 0)) /* enc. part must be (0 mod 8) bytes */
return RXKADBADTICKET;
- if (key_sched(key, schedule.schedule))
+ if (key_sched(ktc_to_cblock(key), schedule.schedule))
return RXKADBADKEY;
ticket = clear_ticket;
- pcbc_encrypt(asecret, ticket, ticketLen, schedule.schedule, key, DECRYPT);
+ pcbc_encrypt(asecret, ticket, ticketLen, schedule.schedule, ktc_to_cblockptr(key), DECRYPT);
code =
decode_athena_ticket(ticket, ticketLen, name, inst, cell, host,
- sessionKey, start, end);
+ (struct ktc_encryptionKey *)sessionKey, start, end);
if (code)
return RXKADBADTICKET;
return -1;
/* encrypt ticket */
- if ((code = key_sched(key, schedule.schedule))) {
+ if ((code = key_sched(ktc_to_cblock(key), schedule.schedule))) {
printf("In tkt_MakeTicket: key_sched returned %d\n", code);
return RXKADBADKEY;
}
- pcbc_encrypt(ticket, ticket, *ticketLen, schedule.schedule, key, ENCRYPT);
+ pcbc_encrypt(ticket, ticket, *ticketLen, schedule.schedule, ktc_to_cblockptr(key), ENCRYPT);
return 0;
}
#include "../afs/stds.h"
#include "../rx/xdr.h"
#include "../rx/rx.h"
-#include "../des/des.h"
#include "../afs/lifetimes.h"
#include "../afs/rxkad.h"
#else /* defined(UKERNEL) */
#include <string.h>
#include <rx/xdr.h>
#include <rx/rx.h>
-#include <des.h>
#include "lifetimes.h"
#include "rxkad.h"
#endif /* defined(UKERNEL) */
* bug with MIT by sending mail to krb5-bugs@mit.edu.
*/
+extern afs_int32 des_cbc_encrypt(void * in, void * out,
+ register afs_int32 length,
+ des_key_schedule key, des_cblock *iv,
+ int encrypt);
+extern int des_key_sched(register des_cblock k, des_key_schedule schedule);
+
struct krb_convert {
char *v4_str;
char *v5_str;
int
tkt_DecodeTicket5(char *ticket, afs_int32 ticket_len,
- int (*get_key) (char *, int, struct ktc_encryptionKey *),
+ int (*get_key) (void *, int, struct ktc_encryptionKey *),
char *get_key_rock, int serv_kvno, char *name, char *inst,
- char *cell, char *session_key, afs_int32 * host,
+ char *cell, struct ktc_encryptionKey *session_key, afs_int32 * host,
afs_int32 * start, afs_int32 * end, afs_int32 disableCheckdot)
{
char plain[MAXKRB5TICKETLEN];
cksum_func = NULL;
- des_key_sched(key, &s);
+ des_key_sched(ktc_to_cblock(key), (struct des_ks_struct *)&s);
#define CONFOUNDERSZ 8